In this post, I will provide an in-depth technical analysis of an application portraying itself as TikTok Pro which is a dangerous spyware. APK Metadata Malware sample: here MD5: 9fed52ee7312e...

In this post, I will provide an in-depth technical analysis of Dark Crystal RAT, a backdoor written in C#. File Metadata Malware sample: here MD5: b478d340a787b85e086cc951d0696cb1 SHA256: 8d...

In this post, I will provide an in-depth technical analysis of a malicious android application that steals cookies from the browser and sends them to a C2 server. APK Metadata Malware sample: he...

In this post, I will provide an in-depth technical analysis of the malicious Android application known as “Free Followers,” specifically focusing on its ransomware functionality. APK Metadata Ma...

Below are my write-ups for the Pokeball Escape and Bleep challenges that were part of UMDCTF 2023. Pokeball Escape After decompiling the Pokeball Escape application using JADX, we get the follo...

Overview Packed Sample : https://bazaar.abuse.ch/sample/03b9c7a3b73f15dfc2dcb0b74f3e971fdda7d1d1e2010c6d1861043f90a2fecd/ Unpacked Sample : https://bazaar.abuse.ch/sample/d3c75c5bc4ae087d547bd722...

Description WarZone is a Remote Access Trojan (RAT) that is sold on a publicly available website, as a Malware-as-a-Service. MD5: 48FF98ED6AE74DA9C1FEF59B40699BAE SHA256: 4537FAB9DE768A668AB4E72A...

Attachments : welkerme.tar.gz , compress.sh First of all, let’s have a look on the source code of the driver. #include <linux/cdev.h> #include <linux/fs.h> #include <linux/kernel.h...

Attachments : chall , main.cpp So, this was an interesting challenge on CPP pwn from Cake CTF. This was the first time I tried my hands on cpp pwning. First of all, let’s have a look on the secu...

REvil or Sodinokibi ransomware is a powerful ransomware that encrypts files. It uses advanced encryption techniques and can operate without connection to control servers. So, let’s get started ...